Cyber scammers have recently hit two families that we know personally. The damage done was significant in both cases. For those of us who fear of being scammed, hacked, or having our identity stolen, we often live in fear instead of enjoying life. What can we do to protect ourselves? Erik recently attended a presentation on cyber security, and he passes on some of what he learned below.
First, it might help to understand that the thieves are not just individuals, but increasingly they are organized networks of skilled individuals who are capable of pulling off elaborate schemes. This was the case in both of the above-mentioned situations. Both involved scammers having knowledge of specific, private information unique to each family which the scammers cleverly used to deceive their targets. Perhaps the lesson from both of these instances is to be wary of unsolicited phone calls and emails that involve financial matters or that require an immediate response.
Before you respond, “I would never fall for something like that!”, remember that these are highly sophisticated and professionally executed schemes motivated by the money they hope to steal. Regardless of a cyber criminal’s approach, the underlying goal is the same: capturing personal information, including usernames and passwords. They do this by scanning social media, hacking emails and texts, installing Malware on computers and devices, and acquiring information from the Dark Web. Before you get too overwhelmed, read on to discover simple, practical tips that will help keep you safe.
The best steps recommended by security professionals are also easy to put in place. Here they are, not necessarily in order of importance:
- Use unique and complex passwords
The biggest mistake that most of us make is that we use the same passwords, or variations of them, on multiple sites, and to make them easy to remember, we use nicknames, birth years, old addresses, cars, or school mascots, etc.—information which can be found on social media or bought at legal “background search” services.
- Use a password manager
The difficulty of maintaining multiple unique and complex passwords challenges all of us. A password manager is nothing less than an electronic version of the lists we maintain in our heads or in notebooks of all our different passwords—only it is more secure and saves you time and effort. Updating a password or creating a new one is no longer a 15-minute brain teaser that diverts your attention and drains your energy. My password manager makes it a snap, generating and storing unique and complex passwords with a click. With all of web-based services we utilize in today’s cloud-based world, a password manager is a true benefit. Now you need develop only one complex password to enter the password manager itself.
- Use 2-factor (or 2-step) authentication
This is one of the most effective safeguards to implement! After entering your username and password, the second factor, or step, add a layer of security by requiring you to enter a temporary PIN. If your username and password are ever compromised, this second “step” can still prevent criminals from accessing your accounts. 2-factor authentication is offered by most financial institutions, and professionals recommend also adding the feature to password managers, websites which keep your credit card information on file, and even to email accounts.
The temporary PIN is delivered in different ways, depending on the company. It is most commonly provided by text or through an “app”, often from third parties like Symantec’s VIP Access. Since even text messages can be hacked, security professionals often recommend receiving the PIN through an “app”, if that feature is available.
- Freeze your credit
All three credit bureaus (Equifax, Experian, and Transunion) offer free services that include temporary credit freezes. Freezing your accounts can help prevent criminals from opening illegal accounts by blocking access to your credit report. If you do this, just remember to make an exception when refinancing your mortgage or cosigning a student-loan for your college-bound child!
- Allow account activity alerts
Most financial institutions, including the credit bureaus, offer account activity alerts delivered to your email or phone. The credit bureaus can keep you informed of new accounts opened in your name, while credit cards and banks can keep you informed of transactions that meet pre-set criteria. Such alerts enable you to keep an eye on what’s going on with your finances in real-time.